I recently enabled audit logging in my STS (based on 2.7.12-SNAPSHOT), by
configuring eventListener in my TokenIssueOperation with an
org.apache.cxf.sts.event.map.EventMapper object. This works great in most
cases. But when my incoming RST contains an ActAs element, I get a
NullPointerException:
java.lang.NullPointerException
at
org.apache.cxf.sts.event.map.EventMapper.handleEvent(EventMapper.java:106)
at
org.apache.cxf.sts.event.map.EventMapper.handleSTSEvent(EventMapper.java:70)
at
org.apache.cxf.sts.operation.AbstractOperation.publishEvent(AbstractOperation.java:729)
at
org.apache.cxf.sts.operation.TokenIssueOperation.issueSingle(TokenIssueOperation.java:233)
at
org.apache.cxf.sts.operation.TokenIssueOperation.issue(TokenIssueOperation.java:83)
...
If I de-configure eventListener in my TokenIssueOperation I have no issues.
Looking over the handleEvent method, it looks like it is referencing this line:
map.put<http://grepcode.com/file/repository.grepcode.com/java/root/jdk/openjdk/6-b27/java/util/Map.java#Map.put%28java.lang.String%2Cjava.lang.Object%29>(KEYS<http://grepcode.com/file/repo1.maven.org/maven2/org.apache.cxf.services.sts/cxf-services-sts-core/2.7.11/org/apache/cxf/sts/event/map/KEYS.java#KEYS.0ACTAS_PRINCIPAL>.ACTAS_PRINCIPAL<http://grepcode.com/file/repo1.maven.org/maven2/org.apache.cxf.services.sts/cxf-services-sts-core/2.7.11/org/apache/cxf/sts/event/map/KEYS.java#KEYS.0ACTAS_PRINCIPAL>.name<http://grepcode.com/file/repository.grepcode.com/java/root/jdk/openjdk/6-b27/java/lang/Enum.java#Enum.name%28%29>(),
params.getTokenRequirements<http://grepcode.com/file/repo1.maven.org/maven2/org.apache.cxf.services.sts/cxf-services-sts-core/2.7.11/org/apache/cxf/sts/token/provider/TokenProviderParameters.java#TokenProviderParameters.getTokenRequirements%28%29>().getActAs<http://grepcode.com/file/repo1.maven.org/maven2/org.apache.cxf.services.sts/cxf-services-sts-core/2.7.11/org/apache/cxf/sts/request/TokenRequirements.java#TokenRequirements.getActAs%28%29>().getPrincipal<http://grepcode.com/file/repo1.maven.org/maven2/org.apache.cxf.services.sts/cxf-services-sts-core/2.7.11/org/apache/cxf/sts/request/ReceivedToken.java#ReceivedToken.getPrincipal%28%29>().getName<http://grepcode.com/file/repository.grepcode.com/java/root/jdk/openjdk/6-b27/java/security/Principal.java#Principal.getName%28%29>());
I haven't had a chance to track it much further than this, but it looks like
the event handler is either prematurely accessing the ActAs token, or the ActAs
token was read in and not parseable. The ActAs element, in my case, contains a
SAML 2 assertion previously issued by this STS, so it should certainly be
parseable, and in fact when I disable audit logging everything works fine and
completes normally. I've been away for a few weeks, but my recollection is that
this all worked fine three weeks ago. Has something changed in the snapshot?
Any help or insight would be appreciated, thanx!
Stephen W. Chappell
